I just developed one testing app in Android system, and try to use WiFi connection for C2DM push, but IT dept. hope that I can provide C2DM IP address for opening Firewall port:5228.
Does anyone know the IP address or FQDN for Google C2DM server ?
Thank you
Hostname/FQDN for C2DM service = android.apis.google.com
The push service uses a load balancing scheme that yields a different IP address for the same hostname.
The following link provides IP ranges of google cloud.
http://compnetworking.about.com/od/traceipaddresses/f/google-ip-address.htm
So you can specify that ranges in your firewall rules.
Ports needed to support Enterprise Mobility Management (Both IOS and Android)
https://kc.mcafee.com/corporate/index?page=content&id=KB70276&actp=LIST
Related
I'm developing an integration with an API which requires to whitelist customers based on IP addresses. I can easily get outbound IP from Production environments such as Azure or AWS and get those whitelisted.
How can I configure it for my desktop whose public IP keeps on changing after every few hours?
Getting a fixed IP address for your home computer is dependant on your internet provider. Sometimes they offer fixed IPs for 'Business' customers only or such.
Another solution might be to stand up an OpenVPN instance in your cloud then only whitelist that IP address and your expected partner prod addresses. Then you just connect to your VPN to access your API, you can do this from anywhere as your only dependant on the IP address of the cloud OpenVPN instance.
This solution also scales with your development as you only need to add new OpenVPN users to let other developers work with you and don't need their ever changing IP addresses.
I found an easy solution from NordVPN. It has an option to get a dedicated IP VPN :)
I have Google Cloud instance (RHEL 6.7 and I have an application working on HTTPS protocol on port 10614). This is perfectly working when I am using the internal IP https://10.125.0.7:10614/home.
I have an external IP with which I am connecting to this machine which is 104.118.81.121.
So i would like to expose my application to the internet using this IP address. Could you please help, how should I be doing the mapping for this?
I have already created the firewall rule for this, but it is not working.
You need to open port 10614 in your Google Cloud Console firewall. You can use the following link: https://console.cloud.google.com/networking/firewalls/list?project=your-project-id. Just replace your-project-id with your project id.
We are investigating adding the Kaa client to our products and using the Kaa server operationally, and we have some questions in the networking and protocol area. Our main concern is having the IoT device access the IoT server through the Internet without being blocked by the firewall at the IoT device in a "typical" environment. For this reason we see that HTTP/HTTPS using port 80/443 is often used.
Do you believe that most of the IoT device will communicate because most firewalls allow all outgoing traffic?
Or do you think that most end users will have to explicitly configure a firewall rule for the IoT device?
What was the rationale for using the port numbers 9889/9888 and 9999/9997?
Can these port numbers be reasonablely modified? If so, where and how?
Is there a specification of the Kaa TCP protocol?
Thank You
Keith Krajewski
About Kaa TCP protocol use official documentation page
you can change ports of bootstrap and operations services in this files:
bootstrap-http-transport.config
bootstrap-tcp-transport.config
operations-http-transport.config
operations-tcp-transport.config
I have been looking for an answer to this problem, but I cannot find what I am looking for. I think, perhaps, it is because I lack the knowledge to ask the question in meaningful way.
I have been learning a lot about remote access to devices at home. I know that ISP's change public IP addresses regularly (dynamic IP address). I know that to get around this, one could use a service like "no-ip", etc. Or one could get a static IP address.
What I do not understand is how some of the latest home automation devices are able to be controlled remotely without use of a static IP, or a service like "no-ip". For example, a wifi enabled thermostat, or lighting system.
If the device had a built in server, or client, then I assume that the device could connect to an outside server in a remote location. The user could then also log into that server and send commands to the device. What I don't understand is how commands sent to the device from a cell phone, for example, can reach the home device. Presumably the off site location of the server would have to know the public IP address where the devise is located, and then port-forwarding would have to be set up to allow access to the device.
What am I missing here? Is it possible to create a homemade wifi enabled thermostat, webcam, or other device without using port-forwarding, no-ip, or a static IP?
Well, there are several ways to bypass the inbound connection constraint of NAT protocol. Such as:
A virtual adapter on the device configured to a VPN server that has an inbound port open ready to transfer data. Various open source solutions such as openVPN are considered as great examples for this service over IOT boards like Raspberry Pi, Beagle Bone, etc. These are used as gateways often. Further, they communicate with the microcontrollers over popular IOT protocols such as MQTT, COAP, etc.
Another solution is to create a port forwarding tunnel, since the router won't block the outbound connection. There are various tunneling services that are availble such as localtunnel, ngrok, etc. You could also use a cloud server that has a public IP such as AWS, DigitalOcean, etc. Again as above mentioned point, they can be implemented in the gateways.
Some devices "phone home" to a server so that there are ports open between them and the servers, and the mobile apps just contact the servers. This is the same way your web browser can receive web pages from a web server. If you have a NAT router, the router must open a port from the inside device to the outside server. This is maintained in a NAT table with expiration timers for UDP and session monitoring for TCP.
Im building out an Azure hosted website, but it needs to reach into our home office to connect to some internally hosted web services. Our firewall is setup to only allow traffic over certain IP's, so we're looking to determine what IP range we need to allow access to.
Currently I'm still using the MSDN "Free" Azure subscription, so I don't know what options may be limited, but is there a way I can determine what source IP, subnet, whatever my Azure hosted site will attempt to call my web services from?
Thanks!
Be careful opening your firewall to the entire Azure datacenter IP ranges. Anybody can host anything in Azure, including malicious software, so if you open your firewall to the entire Azure IP range you may as well just open to 0.0.0.0-255.255.255.255 because in effect you are getting the same security.
A better option is to deploy your service and just whitelist that one IP address. That IP address is guaranteed to remain the same until you delete your service. With the ability to do in-place upgrades and VIP swaps there should be no reason why you would need to delete your hosted service and lose your IP address. If you ever do run into a scenario where you need to delete/redeploy you can always update your firewall at that time.
It sounds like this is what you're looking for:
Windows Azure Datacenter IP Ranges